Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/ChangeLog
blob: 552a6f788f03ffe66e5424afddc241d816aa5046 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
2019-02-10  Arthur de Jong <arthur@arthurdejong.org>

	* [21323a0] .travis.yml, setup.py: Add Python 3.7 in Travis and
	  reduce build matrix

	  This runs the signxml flavour on all Python versions and only
	  runs all other flavours on Python 2.6 and 3.6.

2019-02-10  Arthur de Jong <arthur@arthurdejong.org>

	* [c2abbec] setup.cfg: Make the multi-line operator place explicit

	  Recent versions of flake8 changed the defaults of the errors
	  to ignore.

2018-07-30  Arthur de Jong <arthur@arthurdejong.org>

	* [5e93d32] pskc/crypto/aeskw.py: Ignore more flake8 messages

2018-05-21  Arthur de Jong <arthur@arthurdejong.org>

	* [f4b2559] docs/index.rst, docs/scripts.rst: Add links to script
	  documentation

2018-04-21  Arthur de Jong <arthur@arthurdejong.org>

	* [610f7cd] : Implement csv2pcks script

2018-04-19  Arthur de Jong <arthur@arthurdejong.org>

	* [7bbaac3] docs/csv2pskc.rst, pskc/scripts/csv2pskc.py,
	  tests/test_csv2pskc.doctest: Add --skip-columns option

	  This option can be used to skip a number of rows in the CSV file
	  before the key data is read. If the number of rows to skip is 0,
	  the column interpretation should be provided using the --columns
	  option.

2018-04-05  Arthur de Jong <arthur@arthurdejong.org>

	* [88002fc] docs/csv2pskc.rst, pskc/scripts/csv2pskc.py,
	  tests/test_csv2pskc.doctest: Add --set option

	  This option can be used to set key properties for all keys in
	  the PSKC file.

2018-04-05  Arthur de Jong <arthur@arthurdejong.org>

	* [e91e498] docs/csv2pskc.rst, pskc/scripts/csv2pskc.py,
	  tests/test_csv2pskc.doctest: Add --columns option

	  This option can be used to override the list of columns as found
	  in the first line of the CSV file or provide a mapping for values
	  found in the first line to PSKC properties.

2018-03-31  Arthur de Jong <arthur@arthurdejong.org>

	* [c652eee] csv2pskc.py, docs/conf.py, docs/csv2pskc.rst,
	  pskc/scripts/csv2pskc.py, setup.py, tests/test_csv2pskc.doctest:
	  Add a csv2pskc script for CSV to PSKC conversion

	  This script reads a CSV file and writes out a PSKC file with the
	  key information from the CSV file. The CSV file is expected to
	  have one row for each key and key property values in columns.

2018-04-02  Arthur de Jong <arthur@arthurdejong.org>

	* [ce96e69] pskc/scripts/__init__.py, pskc/scripts/pskc2csv.py,
	  pskc/scripts/pskc2pskc.py, pskc/scripts/util.py, pskc2csv.py,
	  pskc2pskc.py, setup.cfg, setup.py, tests/test_pskc2csv.doctest,
	  tests/test_pskc2pskc.doctest, tox.ini: Ship the script as part
	  of the pskc package

	  This also installs pskc2csv and pskc2pskc console script entry
	  points as part of the package installation.

2018-03-03  Arthur de Jong <arthur@arthurdejong.org>

	* [7a56eac] pskc/__init__.py, pskc/device.py,
	  tests/test_misc.doctest: Support setting key sub-properties
	  via add_key()

2018-03-11  Arthur de Jong <arthur@arthurdejong.org>

	* [e6f2dd4] pskc/encryption.py, tests/test_encryption.doctest,
	  tests/test_pskc2pskc.doctest, tests/test_write.doctest: Increase
	  default PBKDF2 iterations to 100000

2018-02-21  Arthur de Jong <arthur@arthurdejong.org>

	* [9026e1c] setup.cfg: Support building a universal wheel

2018-02-15  Arthur de Jong <arthur@arthurdejong.org>

	* [b3e7fe7] pskc/__init__.py, pskc/crypto/aeskw.py,
	  pskc/device.py, pskc/encryption.py, pskc/key.py, pskc/parser.py,
	  pskc/serialiser.py, pskc/signature.py, setup.cfg: Add and
	  cleanup docstrings

	  This adds docstrings to public methods and cleans up a few other
	  docstrings to pass most flake8 docstring related tests.

	  This also adds noqa statements in a few places so we can remove
	  most entries from the global flake8 ignore list.

2018-02-10  Arthur de Jong <arthur@arthurdejong.org>

	* [03ee35d] docs/conf.py, docs/pskc2pskc.rst, pskc2pskc.py,
	  setup.cfg, tests/test_pskc2pskc.doctest: Add a pskc2pskc script
	  for converting PSKC files

	  This script reads a PSKC file in any supported format and writes
	  out a RFC 6030 compliant version of the file, optionally with
	  the encryption removed or (re-)encrypting the file with a new key.

2018-02-08  Arthur de Jong <arthur@arthurdejong.org>

	* [924e1f3] pskc/serialiser.py, tests/test_write.doctest: Correctly
	  write a PSKC file without a MAC key

	  In some cases a PSKC file can be written with a MAC algorithm
	  but without a MAC key. This is possible when the MAC key is not
	  supplied (allowed in older PSKC versions) and a fallback to the
	  encryption key is done. If we have not yet decrypted the file
	  the MAC key is not yet available and so can't be included in
	  the written file.

2018-02-04  Arthur de Jong <arthur@arthurdejong.org>

	* [be2b49f] pskc/encryption.py, pskc/serialiser.py,
	  tests/test_write.doctest: Correctly write a PSKC file with a
	  global IV

	  This ensures that the encryption IV, which should be per encrypted
	  value is written out per encrypted value instead of globally. This
	  is mostly useful for when reading an old format PSKC file and
	  writing out a RFC 6030 compliant one.

2018-02-07  Arthur de Jong <arthur@arthurdejong.org>

	* [e60d7f3] pskc/mac.py, pskc/parser.py, pskc/serialiser.py:
	  Also use EncryptedValue for MAC key

	  This ensures that an encrypted MAC key is hanled in the same
	  way as normal encrypted data values.

	  This also ensures consistent fallback to the globally
	  configured encryption algorithm if no value has been set in
	  the EncryptedValue.

2018-01-31  Arthur de Jong <arthur@arthurdejong.org>

	* [8054c6e] pskc/serialiser.py: Always output a PSKC 1.0 format file

	  This ignores the value of the version attribute in the PSKC
	  object and always writes a PSKC 1.0 (RFC 6030) format file.

2018-01-31  Arthur de Jong <arthur@arthurdejong.org>

	* [97faa13] docs/encryption.rst, pskc/encryption.py,
	  tests/test_encryption.doctest, tests/test_write.doctest: Implement
	  removing encryption

	  This adds a function to decrypt all values and remove the
	  encryption of an encrypted PSKC file.

2018-02-08  Arthur de Jong <arthur@arthurdejong.org>

	* [2698657] .travis.yml: Add a Travis configuration file

2018-02-04  Arthur de Jong <arthur@arthurdejong.org>

	* [82fa3bd] pskc/encryption.py, pskc/serialiser.py, pskc2csv.py:
	  Fix code style issues

	  Fixes 1ff3237f, 84bfb8a6 and 20bf9c5

2017-12-29  Arthur de Jong <arthur@arthurdejong.org>

	* [2693495] tests/test_misc.doctest, tests/test_pskc2csv.doctest,
	  tox.ini: Fixes to test suite

	  This ensures that the tests also work without a TTY and work
	  regardless of the PYTHONWARNINGS and TZ environment variables

	  Fixes cd33833

2017-12-29  Arthur de Jong <arthur@arthurdejong.org>

	* [fe63c42] ChangeLog, MANIFEST.in, NEWS, pskc/__init__.py,
	  setup.py: Get files ready for 1.0 release

2017-12-29  Arthur de Jong <arthur@arthurdejong.org>

	* [2651e80] tests/test_write.doctest: Not all XML serialisers
	  write namespaces in same order

	  This ignores the namespace declarations in the generated XML
	  files because not all implementations on all environments write
	  these in the same order.

2017-12-29  Arthur de Jong <arthur@arthurdejong.org>

	* [44b1353] docs/conf.py, setup.cfg, tox.ini: Add Sphinx
	  documentation checks

	  This also slightly tunes the way Sphinx documentation is built.

2017-12-15  Arthur de Jong <arthur@arthurdejong.org>

	* [42be53b] pskc2csv.py, tox.ini: Add support for PyPy

2017-12-15  Arthur de Jong <arthur@arthurdejong.org>

	* [660ed65] setup.py, tox.ini: Add support for Python 3.7

2017-12-15  Arthur de Jong <arthur@arthurdejong.org>

	* [9cd97c9] README, setup.py: Use README as package long description

2017-12-15  Arthur de Jong <arthur@arthurdejong.org>

	* [20bf9c5] docs/encryption.rst, pskc/encryption.py, pskc2csv.py,
	  tests/test_rfc6030.doctest: Add an is_encrypted property

	  This property can be use to see whether the PSKC file needs an
	  additional pre-shared key or passphrase to decrypt any stored
	  information.

2017-12-27  Arthur de Jong <arthur@arthurdejong.org>

	* [c365a70] : Implement XML signature checking

2017-12-17  Arthur de Jong <arthur@arthurdejong.org>

	* [418f3dc] docs/encryption.rst, docs/index.rst, docs/mac.rst,
	  docs/signatures.rst, docs/usage.rst: Add documentation for signed
	  PSKC files

2017-12-23  Arthur de Jong <arthur@arthurdejong.org>

	* [a97ac46] pskc/parser.py, pskc/serialiser.py,
	  pskc/signature.py, pskc/xml.py, setup.py,
	  tests/certificate/README, tests/certificate/ca-certificate.pem,
	  tests/certificate/ca-key.pem, tests/certificate/certificate.pem,
	  tests/certificate/key.pem, tests/certificate/request.pem,
	  tests/certificate/ss-certificate.pem,
	  tests/rfc6030/figure9.pskcxml,
	  tests/test_draft_ietf_keyprov_pskc_02.doctest,
	  tests/test_rfc6030.doctest, tests/test_signature.doctest, tox.ini:
	  Implement signature checking

	  This adds support for creating and verifying embedded XML
	  signatures in PSKC files. This uses the third-party signxml
	  library for actual signing and verification.

	  The signxml library has a dependency on lxml and defusedxml
	  (and a few others) but all parts of python-pskc still work
	  correctly with our without lxml and/or defusedxml and signxml
	  is only required when working with embedded signatures.

	  This modifies the tox configuration to skip the signature
	  checks if singxml is not installed and to only require 100%
	  code coverage if the signature tests are done.

2017-12-15  Arthur de Jong <arthur@arthurdejong.org>

	* [c0bd21f] pskc/xml.py: Move namespace moving to own function

2017-09-22  Arthur de Jong <arthur@arthurdejong.org>

	* [ea503d6] pskc/__init__.py, pskc/parser.py, pskc/signature.py,
	  tests/test_draft_ietf_keyprov_pskc_02.doctest,
	  tests/test_rfc6030.doctest: Implement basic parsing of signature
	  properties

2017-12-23  Arthur de Jong <arthur@arthurdejong.org>

	* [fcc6cdb] pskc2csv.py: Explicitly close output file in pskc2csv

	  This ensures that the file descriptor is closed if we opened
	  the file.  This is not a big problem for the script (because
	  the script exists anyway) but causes problems for the tests.

2017-12-18  Arthur de Jong <arthur@arthurdejong.org>

	* [052f5bc] docs/policy.rst, pskc/parser.py,
	  pskc/policy.py, pskc/serialiser.py, tests/test_misc.doctest,
	  tests/test_write.doctest: Fix typo in pin_max_failed_attempts
	  attribute

	  This makes the old name (pin_max_failed_attemtps) available as
	  a deprecated property.

2017-12-15  Arthur de Jong <arthur@arthurdejong.org>

	* [6f0ca70] pskc/parser.py,
	  tests/draft-hoyer-keyprov-portable-symmetric-key-container-00/non-encrypted.pskcxml,
	  tests/draft-hoyer-keyprov-portable-symmetric-key-container-00/password-encrypted.pskcxml,
	  tests/draft-hoyer-keyprov-portable-symmetric-key-container-01/non-encrypted.pskcxml,
	  tests/draft-hoyer-keyprov-portable-symmetric-key-container-01/password-encrypted.pskcxml,
	  tests/test_draft_hoyer_keyprov_portable_symmetric_key_container.doctest:
	  Add limited support for very old draft PSKC versions

	  This adds basic support for parsing the PSKC files as specified
	  in draft-hoyer-keyprov-portable-symmetric-key-container-00 and
	  draft-hoyer-keyprov-portable-symmetric-key-container-01.

	  It should be able to extract secrets, counters, etc. but not
	  all properties from the PSKC file are supported.

	  It is speculated that this format resembles the "Verisign PSKC
	  format" that some applications produce.

2016-09-19  Arthur de Jong <arthur@arthurdejong.org>

	* [9b85634] tests/multiotp/pskc-hotp-aes.txt,
	  tests/multiotp/pskc-hotp-pbe.txt, tests/multiotp/pskc-totp-aes.txt,
	  tests/multiotp/pskc-totp-pbe.txt,
	  tests/multiotp/tokens_hotp_aes.pskc,
	  tests/multiotp/tokens_hotp_pbe.pskc,
	  tests/multiotp/tokens_ocra_aes.pskc,
	  tests/multiotp/tokens_ocra_pbe.pskc,
	  tests/multiotp/tokens_totp_aes.pskc,
	  tests/multiotp/tokens_totp_pbe.pskc, tests/test_multiotp.doctest:
	  Add test files from multiOTP

	  This adds tests for parsing the files that are shipped as part
	  of the multiOTP test suite.

	  https://www.multiotp.net/

2017-12-15  Arthur de Jong <arthur@arthurdejong.org>

	* [01507af] pskc/key.py, pskc/parser.py, pskc/serialiser.py,
	  tests/misc/partialxml.pskcxml, tests/test_misc.doctest,
	  tests/test_write.doctest: Refactor internal storate of encrypted
	  values

	  This changes the way encrypted values are stored internally before
	  being decrypted. For example, the internal _secret property can now
	  be a decrypted plain value or an EncryptedValue instance instead
	  of always being a DataType, simplifying some things (e.g. all
	  XML encoding/decoding is now done in the corresponding module).

	  This should not change the public API but does have consequences
	  for those who use custom serialisers or parsers.

2017-12-13  Arthur de Jong <arthur@arthurdejong.org>

	* [dcf1919] pskc/crypto/aeskw.py, pskc/encryption.py,
	  tests/encryption/kw-camellia128.pskcxml,
	  tests/encryption/kw-camellia192.pskcxml,
	  tests/encryption/kw-camellia256.pskcxml,
	  tests/test_encryption.doctest: Add support for KW-Camellia suite
	  of algorithms

2017-12-13  Arthur de Jong <arthur@arthurdejong.org>

	* [364e93d] pskc/encryption.py,
	  tests/encryption/camellia128-cbc.pskcxml,
	  tests/encryption/camellia192-cbc.pskcxml,
	  tests/encryption/camellia256-cbc.pskcxml,
	  tests/test_encryption.doctest: Add support for Camellia-CBC
	  suite of algorithms

2017-10-11  Arthur de Jong <arthur@arthurdejong.org>

	* [4c5e046] docs/conf.py, docs/pskc2csv.rst, setup.cfg: Add a
	  manual page for pskc2csv

2017-10-09  Arthur de Jong <arthur@arthurdejong.org>

	* [25cb2fc] setup.cfg: Ignore missing docstring in __init__ in flake

2017-09-30  Arthur de Jong <arthur@arthurdejong.org>

	* [225e569] pskc/crypto/__init__.py, pskc/crypto/aeskw.py,
	  pskc/crypto/tripledeskw.py, pskc/encryption.py,
	  pskc/mac.py, setup.cfg, setup.py, tests/test_crypto.doctest,
	  tests/test_encryption.doctest, tox.ini: Replace pycrypto with
	  cryptography

	  The cryptography library is better supported.

	  This uses the functions from cryptography for AES and Triple
	  DES encryption, replaces the (un)padding functions that were
	  previously implemented in python-pskc with cryptography and uses
	  PBKDF2 implementation from hashlib.

2017-09-30  Arthur de Jong <arthur@arthurdejong.org>

	* [5dff7d4] pskc/encryption.py: Use PBKDF2 from hashlib

	  This uses pbkdf2_hmac() from hashlib for the PBKDF2 calculation.
	  The downside of this is that this function is only available
	  since Python 2.7.8.

2017-09-30  Arthur de Jong <arthur@arthurdejong.org>

	* [2c8a9b7] pskc/crypto/aeskw.py, pskc/crypto/tripledeskw.py,
	  pskc/encryption.py, pskc/mac.py, tests/test_aeskw.doctest,
	  tests/test_write.doctest: Replace use of pycrypto utility functions

	  This uses os.urandom() as a source for random data and replaces
	  other utility functions. This also removes one import for getting
	  the lengths of Tripple DES keys.

2017-09-24  Arthur de Jong <arthur@arthurdejong.org>

	* [d0eddf8] pskc/serialiser.py, pskc/xml.py,
	  tests/test_write.doctest: Implement our own XML formatting

	  This avoids a using xml.dom.minidom to indent the XML tree and
	  keep the attributes ordered alphabetically. This also allows
	  for customisations to the XML formatting.

2017-09-24  Arthur de Jong <arthur@arthurdejong.org>

	* [4ed4e11] tests/test_mac.doctest: Support hashlib from Python 2.7.3

	  Some Python versions don't have the algorithms_available property
	  but do have the algorithms property in hashlib.

2017-09-24  Arthur de Jong <arthur@arthurdejong.org>

	* [b90faeb] pskc/xml.py, setup.py, tox.ini: Use defusedxml if
	  available

	  This uses the defusedxml library if available to defend agains
	  a number of XML-based attacks.

2017-09-23  Arthur de Jong <arthur@arthurdejong.org>

	* [7272e54] pskc/serialiser.py, tests/test_write.doctest: Fix bug
	  in saving PBKDF2 salt on Python3

	  The PBKDF2 salt was saved in the wrong way (b'base64encodeddata'
	  instead of base64encodeddata) when using Python 3. This fixes
	  that problem and tests that saving and loading of a file that
	  uses PBKDF2 key derivation works.

2017-09-23  Arthur de Jong <arthur@arthurdejong.org>

	* [cd33833] pskc2csv.py, setup.cfg, tests/test_pskc2csv.doctest:
	  Add tests for the pskc2csv script

	  This makes minor changes to the pskc2csv script to make it more
	  easily testable.

2017-09-22  Arthur de Jong <arthur@arthurdejong.org>

	* [6028b8e] pskc2csv.py: Support adding custom CSV file headers

	  This allows adding an optional label to the --columns option that
	  can be used to output a label different from the key property
	  name in the CSV file header.

2017-09-20  Arthur de Jong <arthur@arthurdejong.org>

	* [eef681b] pskc2csv.py: Add --secret-encoding option to pskc2csv

	  This option can be used to configure the encoding of the secret
	  in the CSV file (still hex by default).

2017-09-20  Arthur de Jong <arthur@arthurdejong.org>

	* [6f78dd6] pskc/__init__.py, pskc/crypto/aeskw.py,
	  pskc/crypto/tripledeskw.py, pskc/exceptions.py, pskc/mac.py,
	  pskc/parser.py, pskc/policy.py, pskc/serialiser.py, setup.cfg,
	  tox.ini: Run flake8 from tox

	  This also makes a few small code formatting changes to ensure
	  that the flake8 tests pass.

2017-09-11  Arthur de Jong <arthur@arthurdejong.org>

	* [cc3acc2] tox.ini: Simplify Tox configuration

2017-06-10  Arthur de Jong <arthur@arthurdejong.org>

	* [0c00c80] pskc/__init__.py, pskc/encryption.py, pskc/parser.py,
	  pskc/serialiser.py, pskc/xml.py, pskc2csv.py: Various minor code
	  style improvements

2017-06-10  Arthur de Jong <arthur@arthurdejong.org>

	* [510e6a5] pskc/encryption.py, pskc/parser.py: Normalise key
	  derivation algorithms

	  This makes KeyDerivation.algorithm and KeyDerivation.pbkdf2_prf
	  properties automatically normalise assigned values.

2017-06-10  Arthur de Jong <arthur@arthurdejong.org>

	* [d72e6cc] pskc/xml.py: Switch to using non-deprecated method

	  This uses ElementTree.iter() instead of ElementTree.getiterator()
	  for going over all the child elements in the tree because the
	  latter is deprecated.

2017-06-10  Arthur de Jong <arthur@arthurdejong.org>

	* [7b106ff] docs/usage.rst, pskc/key.py, tests/test_yubico.doctest:
	  Provide Key.userid convenience property

	  This provides a read-only userid property on Key objects that uses
	  the key_userid or device_userid value, whichever one is defined.

2017-06-09  Arthur de Jong <arthur@arthurdejong.org>

	* [f0d2991] docs/conf.py, docs/encryption.rst, docs/exceptions.rst,
	  docs/mac.rst: Document supported encryption and MAC algorithms

	  This also includes a few other small documentation improvements.

2017-06-09  Arthur de Jong <arthur@arthurdejong.org>

	* [8b8848d] pskc/encryption.py, pskc/mac.py,
	  tests/test_invalid.doctest, tests/test_mac.doctest: Refactor
	  MAC lookups

	  This switches to using the hashlib.new() function to be able to use
	  all hashes that are available in Python (specifically RIPEMD160).

	  This also adds a number of tests for HMACs using test vectors
	  from RFC 2202, RFC 4231 and RFC 2857.

2017-06-09  Arthur de Jong <arthur@arthurdejong.org>

	* [e10f9c6] pskc/algorithms.py: Handle more algortihm URIs

	  This adds a number of algorithm URIs defined in RFC 6931 and also
	  simplifies the definition of the list of URIs. It also adds more
	  aliases for algorithms.

2017-01-25  Arthur de Jong <arthur@arthurdejong.org>

	* [1fc1a03] README, docs/usage.rst, setup.py: Switch URLs to HTTPS

2017-01-21  Arthur de Jong <arthur@arthurdejong.org>

	* [8de25c2] tests/actividentity/test.pskcxml,
	  tests/test_actividentity.doctest: Correct name of ActivIdentity
	  test file

2017-01-21  Arthur de Jong <arthur@arthurdejong.org>

	* [5889df7] ChangeLog, NEWS, README, docs/conf.py, pskc/__init__.py,
	  pskc2csv.py, setup.py: Get files ready for 0.5 release

2017-01-15  Arthur de Jong <arthur@arthurdejong.org>

	* [29a183d] tests/test_feitian.doctest, tests/test_nagraid.doctest:
	  Split vendor tests

	  Have one doctest file per vendor to make tests a little more
	  manageable.

2017-01-14  Arthur de Jong <arthur@arthurdejong.org>

	* [02eb520] tests/test_yubico.doctest, tests/yubico/example1.pskcxml,
	  tests/yubico/example2.pskcxml, tests/yubico/example3.pskcxml:
	  Add tests for Yubikey files

	  This adds tests from draft-josefsson-keyprov-pskc-yubikey-00.

2017-01-13  Arthur de Jong <arthur@arthurdejong.org>

	* [12dfa64] pskc/parser.py, tests/actividentity/test.pskc,
	  tests/test_actividentity.doctest: Support legacy ActivIdentity
	  files

	  This adds support for parsing ActivIdentity files that conform
	  to a very old version of an Internet Draft. The implementation
	  and test were based on a file provided by Jaap Ruijgrok.

2017-01-11  Arthur de Jong <arthur@arthurdejong.org>

	* [a5e2343] pskc/parser.py,
	  tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/actividentity-3des.pskcxml,
	  tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/ocra.pskcxml,
	  tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/securid-aes-counter.pskcxml,
	  tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/totp.pskcxml:
	  Use original examples from old profiles Internet Draft

	  This updates the tests to use the original examples from
	  draft-hoyer-keyprov-pskc-algorithm-profiles-01 instead of
	  modifying them to fit the RFC 6030 schema (but does include some
	  minor changes to make them valid XML).

	  This adds a few additions to the parser to handle legacy challenge
	  and resposne encoding and a few key policy properties.

	  This also includes a fix for 0b757ec in the handling of the
	  <ChallengeFormat> element under a <Usage> element.

2016-12-21  Arthur de Jong <arthur@arthurdejong.org>

	* [2f7cb1a] tests/rfc6030/figure8.pskcxml,
	  tests/rfc6030/figure9.pskcxml, tests/test_rfc6030.doctest:
	  Add all figures from RFC 6030 to test suite

	  Note that asymmetric encryption and digital signature checking
	  has not yet been implemented so the tests are pretty minimal.
2016-12-21  Arthur de Jong <arthur@arthurdejong.org>

	* [0b757ec] pskc/parser.py, pskc/xml.py,
	  tests/draft-ietf-keyprov-pskc-02/figure2.pskcxml,
	  tests/draft-ietf-keyprov-pskc-02/figure3.pskcxml,
	  tests/draft-ietf-keyprov-pskc-02/figure4.pskcxml,
	  tests/draft-ietf-keyprov-pskc-02/figure5.pskcxml,
	  tests/draft-ietf-keyprov-pskc-02/figure6.pskcxml,
	  tests/draft-ietf-keyprov-pskc-02/figure7.pskcxml,
	  tests/draft-ietf-keyprov-pskc-02/figure8.pskcxml,
	  tests/draft-ietf-keyprov-pskc-02/figure9.pskcxml,
	  tests/test_draft_ietf_keyprov_pskc_02.doctest: Add support for
	  older Internet Draft version

	  This adds support for parsing most examples from
	  draft-ietf-keyprov-pskc-02. That file uses a few other names
	  for elements and attributes of the PSKC file and a few other
	  minor differences.

	  The XML parsing has been changed to allow specifying multiple
	  matches and the find*() functions now return the first found match.

	  While all examples from draft-ietf-keyprov-pskc-02 are tested
	  support for verifying digital signatures and asymmetric keys
	  have not yet been implemented.

2016-12-19  Arthur de Jong <arthur@arthurdejong.org>

	* [09076f8] tests/test_encryption.doctest: Fix typo in test

2016-12-20  Arthur de Jong <arthur@arthurdejong.org>

	* [46fa5f1] setup.cfg: Fail tests on missing coverage

2016-12-20  Arthur de Jong <arthur@arthurdejong.org>

	* [047a2a9] pskc/key.py, pskc/mac.py,
	  tests/encryption/mac-over-plaintext.pskcxml,
	  tests/invalid/mac-missing.pskcxml, tests/invalid/mac-value.pskcxml,
	  tests/invalid/missing-encryption-method.pskcxml,
	  tests/test_encryption.doctest, tests/test_invalid.doctest:
	  Allow MAC over plaintext or ciphertext

	  RFC 6030 implies that the MAC should be performed over the
	  ciphertext but some earlier drafts implied that the MAC should
	  be performed on the plaintext. This change accpets the MAC if
	  either the plaintext or ciphertext match.

	  Note that this change allows for a padding oracle attack when
	  CBC encryption modes are used because decryption (and unpadding)
	  needs to be done before MAC checking. However, this module is
	  not expected to be available to users to process arbitrary PSKC
	  files repeatedly.

	  This removes the tests for a missing MAC key (and replaces it for
	  tests of missing EncryptionMethod) because falling back to using
	  the encryption key (implemented in a444f78) in combination with
	  this change means that decryption is performed before MAC checking
	  and is no longer possible to trigger a missing MAC key error.

2016-12-19  Arthur de Jong <arthur@arthurdejong.org>

	* [bae7084] pskc/crypto/__init__.py, pskc/encryption.py,
	  tests/test_crypto.doctest: Add sanity checks to unpadding

2016-12-19  Arthur de Jong <arthur@arthurdejong.org>

	* [d864bc8] pskc/serialiser.py: Ensure XML file ends with a newline

2016-12-19  Arthur de Jong <arthur@arthurdejong.org>

	* [c631628] pskc/xml.py: Adapt coverage pragma annotations

	  This fixes the pragma directives to be be correct independently
	  of whether lxml is installed or not.

2016-12-19  Arthur de Jong <arthur@arthurdejong.org>

	* [18d82dc] .gitignore, tox.ini: Add Tox configuration

	  This sets up Tox with various versions of Python and for each
	  version a run with and without lxml.

2016-12-19  Arthur de Jong <arthur@arthurdejong.org>

	* [71058e2] tests/test_write.doctest: Close read files in tests

	  This ensures that the files that are read in the test suite are
	  properly closed to avoid leaking open file descriptors.

2016-12-18  Arthur de Jong <arthur@arthurdejong.org>

	* [f0a0a3b] pskc/parser.py: Support missing or lowercase version
	  attribute

2016-09-26  Arthur de Jong <arthur@arthurdejong.org>

	* [3bf4737] docs/usage.rst: Fix copy-pasto in documentation

	  This accidentally slipped in as part of beafc6b.  2016-09-19
Arthur de Jong <arthur@arthurdejong.org>

	* [02b30a9] pskc/__init__.py, pskc/parser.py, pskc/serialiser.py:
	  Also move outer writing and parsing to modules

2016-09-17  Arthur de Jong <arthur@arthurdejong.org>

	* [b1f8f87] .gitignore, README, pskc/__init__.py: Add writing
	  example to toplevel documentation

2016-09-17  Arthur de Jong <arthur@arthurdejong.org>

	* [e23a467] pskc/key.py: Use custom data descriptors for key
	  properties

	  This uses a custom data descriptor (property) for secret, counter,
	  time_offset, time_interval and time_drift.

2016-09-17  Arthur de Jong <arthur@arthurdejong.org>

	* [beafc6b] docs/usage.rst, pskc/__init__.py, pskc/device.py,
	  pskc/key.py, pskc/parser.py, pskc/policy.py, pskc/serialiser.py,
	  tests/test_misc.doctest, tests/test_write.doctest: Support
	  separate device from key

	  This allows having multiple keys per device while also maintaining
	  the previous API.

	  Note that having multiple keys per device is not allowed by the
	  RFC 6030 schema but is allowed by some older internet drafts.

2016-09-16  Arthur de Jong <arthur@arthurdejong.org>

	* [84bfb8a] pskc/__init__.py, pskc/encryption.py, pskc/key.py,
	  pskc/mac.py, pskc/policy.py, pskc/serialiser.py: Move XML
	  generation to own module

	  Similar to the change for parsing, move the XML serialisation
	  of PSKC data to a single class in a separate module.

2016-09-14  Arthur de Jong <arthur@arthurdejong.org>

	* [426e821] pskc/__init__.py, pskc/encryption.py, pskc/key.py,
	  pskc/mac.py, pskc/parser.py, pskc/policy.py: Move document
	  parsing to own module

	  This moves all the parse() functions to a single class in a
	  dedicated module that can be used for parsing PSKC files. This
	  should make it easier to subclass the parser.

2016-09-14  Arthur de Jong <arthur@arthurdejong.org>

	* [bf34209] tests/invalid/no-mac-method.pskcxml,
	  tests/test_invalid.doctest, tests/test_rfc6030.doctest: Some
	  minor improvements to the tests

2016-09-12  Arthur de Jong <arthur@arthurdejong.org>

	* [600ae68] pskc/encryption.py, pskc/key.py, pskc/xml.py,
	  setup.cfg, tests/invalid/empty-mac-key.pskcxml,
	  tests/invalid/incomplete-derivation.pskcxml,
	  tests/invalid/missing-encryption.pskcxml,
	  tests/misc/SampleFullyQualifiedNS.xml, tests/misc/policy.pskcxml,
	  tests/test_aeskw.doctest, tests/test_encryption.doctest,
	  tests/test_invalid.doctest, tests/test_misc.doctest,
	  tests/test_write.doctest: Improve branch coverage

	  This enables branch coverage testing and adds tests to improve
	  coverage.

2016-09-11  Arthur de Jong <arthur@arthurdejong.org>

	* [713d106] pskc/encryption.py, tests/test_encryption.doctest:
	  Support specifying PRF in setup_pbkdf2()

	  This also ensures that the PRF URL is normalised.

2016-09-11  Arthur de Jong <arthur@arthurdejong.org>

	* [ff811c9] pskc/encryption.py: Fix bug in passing explicit key
	  to setup_preshared_key()

2016-09-11  Arthur de Jong <arthur@arthurdejong.org>

	* [fa07aa5] docs/encryption.rst, pskc/encryption.py: Clarify
	  encryption.setup_*() documentation

	  This tries to make it clearer that the setup_preshared_key()
	  and setup_pbkdf2() functions are meant to be used when writing
	  out PSKC files.

2016-04-23  Arthur de Jong <arthur@arthurdejong.org>

	* [a444f78] pskc/key.py, pskc/mac.py,
	  tests/encryption/no-mac-key.pskcxml,
	  tests/invalid/mac-missing.pskcxml, tests/test_encryption.doctest,
	  tests/test_invalid.doctest: Fall back to encryption key for MAC

	  This uses the encryption key also as MAC key if no MAC key has
	  been specified in the PSKC file. Earlier versions of the PSKC
	  draft specified this behaviour.

2016-04-23  Arthur de Jong <arthur@arthurdejong.org>

	* [9b76135] pskc/encryption.py,
	  tests/encryption/aes128-cbc-noiv.pskcxml,
	  tests/test_encryption.doctest: Allow global specification of IV

	  In older versions of the PSKC standard it was allowed to
	  have a global initialization vector for CBC based encryption
	  algorithms. It is probably not a good idea to re-use an IV
	  in general.

2016-04-23  Arthur de Jong <arthur@arthurdejong.org>

	* [d53f05b] pskc/encryption.py, pskc/mac.py: Move crypto to functions

	  This makes it much easier to test the encryption, decryption
	  and HMAC processing separate from the PSKC parsing.

2016-04-05  Arthur de Jong <arthur@arthurdejong.org>

	* [5dbfefd] pskc/__init__.py, pskc/encryption.py, pskc/key.py,
	  pskc/policy.py: Remove parse call from constructors

	  This makes the creation if internal instances a litte more
	  consistent.

2016-04-05  Arthur de Jong <arthur@arthurdejong.org>

	* [0d7caf1] pskc/algorithms.py, pskc/encryption.py, pskc/mac.py:
	  Move algorithm uri handling to separate module

2016-03-29  Arthur de Jong <arthur@arthurdejong.org>

	* [22ba9f1] pskc/crypto/__init__.py, pskc/encryption.py: Move
	  padding functions to crypto package

2016-03-28  Arthur de Jong <arthur@arthurdejong.org>

	* [efbe94c] ChangeLog, NEWS, pskc/__init__.py, setup.py: Get files
	  ready for 0.4 release

2016-03-26  Arthur de Jong <arthur@arthurdejong.org>

	* [0c57335] docs/policy.rst: Document may_use() policy function

2016-03-27  Arthur de Jong <arthur@arthurdejong.org>

	* [b4a6c72] : Implement writing encrypted files

	  This adds support for setting up encryption keys and password-based
	  key derivation when writing PSKC files. Also MAC keys are set
	  up when needed.

2016-03-26  Arthur de Jong <arthur@arthurdejong.org>

	* [59aa65b] README, docs/conf.py, docs/encryption.rst, docs/mac.rst,
	  docs/usage.rst, pskc/__init__.py: Document writing encrypted files

2016-03-21  Arthur de Jong <arthur@arthurdejong.org>

	* [5f32528] tests/test_write.doctest: Add encryption error tests

2016-03-21  Arthur de Jong <arthur@arthurdejong.org>

	* [7ede4a1] tests/test_write.doctest: Add tests for writing
	  encrypted PSKC files

2016-03-20  Arthur de Jong <arthur@arthurdejong.org>

	* [1ff3237] pskc/encryption.py: Allow configuring a pre-shared key

	  This method allows configuring a pre-shared encryption key and
	  will chose reasonable defaults for needed encryption values
	  (e.g. it will choose an algorithm, generate a new key of the
	  appropriate length if needed, etc.).

2016-03-19  Arthur de Jong <arthur@arthurdejong.org>

	* [50414a3] pskc/encryption.py, tests/test_encryption.doctest:
	  Allow configuring PBKDF2 key derivation

	  This factors out the PBKDF2 key derivation to a separate function
	  and introduces a function to configure KeyDerivation instances
	  with PBKDF2.

2016-03-21  Arthur de Jong <arthur@arthurdejong.org>

	* [5ac9d43] pskc/mac.py, tests/test_encryption.doctest: Allow
	  configuring a MAC key

	  This method will set up a MAC key and algorithm as specified or
	  use reasonable defauts.

2016-03-20  Arthur de Jong <arthur@arthurdejong.org>

	* [16da531] pskc/key.py, pskc/mac.py: Generate MAC values

2016-03-20  Arthur de Jong <arthur@arthurdejong.org>

	* [ca0fa36] pskc/__init__.py, pskc/encryption.py, pskc/mac.py:
	  Write MACMethod

	  This also makes the MAC.algorithm a property similarly as what
	  is done for Encryption (normalise algorithm names) and adds a
	  setter for the MAC.key property.

2016-03-21  Arthur de Jong <arthur@arthurdejong.org>

	* [8fd35ba] pskc/encryption.py, pskc/key.py: Write out encrypted
	  values

	  The Encryption class now has a fields property that lists the
	  fields that should be encrypted when writing the PSKC file.

	  This adds an encrypt_value() function that performs the encryption
	  and various functions to convert the plain value to binary before
	  writing the encrypted XML elements.

2016-03-20  Arthur de Jong <arthur@arthurdejong.org>

	* [eba541e] pskc/__init__.py, pskc/encryption.py, pskc/mac.py:
	  Make Encryption and MAC constructors consistent

	  This removes calling parse() from the Encryption and MAC
	  constructors and stores a reference to the PSKC object in both
	  objects so it can be used later on.

2016-03-20  Arthur de Jong <arthur@arthurdejong.org>

	* [fe21231] pskc/__init__.py, pskc/encryption.py,
	  tests/test_write.doctest: Write encryption key information

	  This writes information about a pre-shared key or PBKDF2 key
	  derivation in the PSKC file. This also means that writing
	  a decrypted version of a previously encrypted file requires
	  actively removing the encryption.

2016-03-19  Arthur de Jong <arthur@arthurdejong.org>

	* [0893640] pskc/encryption.py, tests/test_misc.doctest: Add
	  algorithm_key_lengths property

	  This property on the Encryption object provides a list of key
	  sizes (in bytes) that the configured encryption algorithm supports.

2016-03-22  Arthur de Jong <arthur@arthurdejong.org>

	* [8b5f6c2] pskc/policy.py, tests/test_misc.doctest,
	  tests/test_rfc6030.doctest, tests/test_write.doctest: Also check
	  key expiry in may_use()

2016-03-20  Arthur de Jong <arthur@arthurdejong.org>

	* [dfa57ae] pskc2csv.py: Support reading password or key in pskc2csv

	  This supports reading the encryption password or key from the
	  command line or from a file.

2014-06-28  Arthur de Jong <arthur@arthurdejong.org>

	* [0744222] pskc/xml.py: Copy namespaces to toplevel element

	  Ensure that when writing an XML file all namespace definitions
	  are on the toplevel KeyContainer element instead of scattered
	  throughout the XML document.

2016-03-19  Arthur de Jong <arthur@arthurdejong.org>

	* [e8ef157] pskc/__init__.py, tests/test_write.doctest: Support
	  writing to text streams in Python 3

	  This supports writing the XML output to binary streams as well
	  as text streams in Python 3.

2016-03-19  Arthur de Jong <arthur@arthurdejong.org>

	* [cadc6d9] pskc/key.py, pskc/mac.py,
	  tests/invalid/missing-encryption.pskcxml,
	  tests/invalid/not-boolean.pskcxml,
	  tests/invalid/not-integer.pskcxml,
	  tests/invalid/not-integer2.pskcxml,
	  tests/invalid/unknown-encryption.pskcxml, tests/test_aeskw.doctest,
	  tests/test_encryption.doctest, tests/test_invalid.doctest,
	  tests/test_misc.doctest, tests/test_rfc6030.doctest,
	  tests/test_tripledeskw.doctest, tests/test_write.doctest:
	  Improve tests and test coverage

	  This adds tests to ensure that incorrect attribute and value
	  types in the PSKC file raise a ValueError exception and extends
	  the tests for invalid encryption options.

	  This removes some code or adds no cover directives to a few
	  places that have unreachable code or are Python version specific
	  and places doctest directives inside the doctests where needed.

2016-03-19  Arthur de Jong <arthur@arthurdejong.org>

	* [b8905e0] pskc/key.py, pskc/xml.py, tests/misc/checkdigits.pskcxml,
	  tests/test_misc.doctest: Support both CheckDigit and CheckDigits

	  RFC 6030 is not clear about whether the attribute of
	  ChallengeFormat and ResponseFormat should be the singular
	  CheckDigit or the plural CheckDigits. This ensures that both
	  forms are accepted.

2016-03-19  Arthur de Jong <arthur@arthurdejong.org>

	* [7915c55] pskc/policy.py, tests/misc/policy.pskcxml,
	  tests/test_misc.doctest: Implement policy checking

	  This checks for unknown policy elements in the PSKC file and
	  will cause the key usage policy check to fail.

2016-03-18  Arthur de Jong <arthur@arthurdejong.org>

	* [1687fd6] tests/feitian/20120919-test001-4282.xml,
	  tests/feitian/file1.pskcxml, tests/nagraid/file1.pskcxml,
	  tests/test_vendors.doctest: Add a few tests for vendor files

	  Some vendor-specific files were lifted from the LinOTP test suite
	  and another Feitian file was found in the oath-toolkit repository.

2016-01-31  Arthur de Jong <arthur@arthurdejong.org>

	* [aae8a18] pskc/key.py, tests/misc/integers.pskcxml,
	  tests/test_misc.doctest: Support various integer representations

	  This extends support for handling various encoding methods for
	  integer values in PSKC files. For encrypted files the decrypted
	  value is first tried to be evaluated as an ASCII representation
	  of the number and after that big-endian decoded.

	  For plaintext values first ASCII decoding is tried after which
	  base64 decoding is tried which tries the same encodings as for
	  decrypted values.

	  There should be no possibility for any base64 encoded value
	  (either of an ASCII value or a big-endian value) to be interpreted
	  as an ASCII value for any 32-bit integer.

	  There is a possibility that a big-endian encoded integer could
	  be incorrectly interpreted as an ASCII value but this is only
	  the case for 110 numbers when only considering 6-digit numbers.

2016-01-24  Arthur de Jong <arthur@arthurdejong.org>

	* [c86aaea] README, pskc/__init__.py,
	  tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/actividentity-3des.pskcxml,
	  tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/ocra.pskcxml,
	  tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/securid-aes-counter.pskcxml,
	  tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/totp.pskcxml,
	  tests/encryption/aes128-cbc.pskcxml,
	  tests/encryption/aes192-cbc.pskcxml,
	  tests/encryption/aes256-cbc.pskcxml,
	  tests/encryption/kw-aes128.pskcxml,
	  tests/encryption/kw-aes192.pskcxml,
	  tests/encryption/kw-aes256.pskcxml,
	  tests/encryption/kw-tripledes.pskcxml,
	  tests/encryption/tripledes-cbc.pskcxml,
	  tests/invalid/encryption.pskcxml,
	  tests/invalid/mac-algorithm.pskcxml,
	  tests/invalid/mac-value.pskcxml,
	  tests/invalid/no-mac-method.pskcxml, tests/invalid/notxml.pskcxml,
	  tests/invalid/wrongelement.pskcxml,
	  tests/invalid/wrongversion.pskcxml,
	  tests/misc/SampleFullyQualifiedNS.xml,
	  tests/misc/odd-namespace.pskcxml, tests/rfc6030/figure10.pskcxml,
	  tests/rfc6030/figure2.pskcxml, tests/rfc6030/figure3.pskcxml,
	  tests/rfc6030/figure4.pskcxml, tests/rfc6030/figure5.pskcxml,
	  tests/rfc6030/figure6.pskcxml, tests/rfc6030/figure7.pskcxml,
	  tests/test_draft_keyprov.doctest, tests/test_encryption.doctest,
	  tests/test_invalid.doctest, tests/test_misc.doctest,
	  tests/test_rfc6030.doctest, tests/test_write.doctest: Re-organise
	  test files

	  This puts the test PSKC files in subdirectories so they can be
	  organised more cleanly.

2016-01-23  Arthur de Jong <arthur@arthurdejong.org>

	* [1904dc2] tests/test_misc.doctest: Add test for incorrect key
	  derivation

	  If no key derivation algorithm has been specified in the PSKC
	  file an exception should be raised when attempting to perform
	  key derivation.

2016-01-24  Arthur de Jong <arthur@arthurdejong.org>

	* [91f66f4] pskc/encryption.py, pskc/key.py, pskc/mac.py: Refactor
	  out EncryptedValue and ValueMAC

	  This removes the EncryptedValue and ValueMAC classes and instead
	  moves the XML parsing of these values to the DataType class. This
	  will make it easier to support different parsing schemes.

	  This also includes a small consistency improvement in the
	  subclasses of DataType.

2016-01-23  Arthur de Jong <arthur@arthurdejong.org>

	* [9b13d3b] pskc/encryption.py, tests/test_misc.doctest: Normalise
	  algorithm names

	  This transforms the algorithm URIs that are set to known values
	  when parsing or setting the algorithm.

2016-01-22  Arthur de Jong <arthur@arthurdejong.org>

	* [b6eab47] docs/encryption.rst, pskc/encryption.py,
	  tests/test_encryption.doctest, tests/test_misc.doctest: Add
	  encryption algorithm property

	  Either determine the encryption algorithm from the PSKC file
	  or from the explicitly set value. This also adds support for
	  setting the encryption key name.

2016-01-22  Arthur de Jong <arthur@arthurdejong.org>

	* [b5f7de5] pskc/key.py, tests/test_write.doctest: Fix a problem
	  when writing previously encrypted file

	  This fixes a problem with writing a PSKC file that is based on
	  a read file that was encrypted.

2016-01-22  Arthur de Jong <arthur@arthurdejong.org>

	* [107a836] pskc/__init__.py, pskc/encryption.py, pskc/key.py,
	  pskc/mac.py, pskc/policy.py, pskc/xml.py: Strip XML namespaces
	  before parsing

	  This simplifies calls to the find() family of functions and
	  allows parsing PSKC files that have slightly different namespace
	  URLs. This is especially common when parsing old draft versions
	  of the specification.

	  This also removes passing multiple patterns to the find()
	  functions that was introduced in 68b20e2.

2015-12-28  Arthur de Jong <arthur@arthurdejong.org>

	* [a86ff8a] README, docs/encryption.rst: Update some documentation

	  This adds a development notes section to the README and changes
	  the wording on the encryption page.

2015-12-01  Mathias Laurin <Mathias.Laurin+github.com@gmail.com>

	* [0ff4154] docs/encryption.rst: Fix typo in the documentation

2015-12-01  Mathias Laurin <Mathias.Laurin+github.com@gmail.com>

	* [3473903] pskc2csv.py: Support Python 3

2015-11-30  Mathias Laurin <Mathias.Laurin+github.com@gmail.com>

	* [a82a60b] pskc/key.py: Make value conversion methods static private

	  - the conversions do not call self: they are static - the
	  conversions are not to be used out of the class: make private

2015-11-30  Mathias Laurin <Mathias.Laurin+github.com@gmail.com>

	* [e711a30] pskc/key.py: Provide abstract methods to clarify API

2015-11-30  Mathias Laurin <Mathias.Laurin+github.com@gmail.com>

	* [1577687] pskc/encryption.py: Fix typo in variable name

2015-11-30  Mathias Laurin <Mathias.Laurin+github.com@gmail.com>

	* [3aa2a6f] tests/test_invalid.doctest: Fix doctest:
	  IGNORE_EXCEPTION_DETAL

2015-10-07  Arthur de Jong <arthur@arthurdejong.org>

	* [c155d15] ChangeLog, MANIFEST.in, NEWS, pskc/__init__.py,
	  setup.py: Get files ready for 0.3 release

2015-10-07  Arthur de Jong <arthur@arthurdejong.org>

	* [cf0c9e6] README, docs/conf.py, docs/encryption.rst,
	  docs/exceptions.rst, docs/mac.rst, docs/policy.rst, docs/usage.rst,
	  pskc/__init__.py: Update documentation

	  This updates the documentation with the new features (writing PSKC
	  files) as well as many editorial improvements, some rewording
	  and a few typo fixes. Some things were moved around a little in
	  order to be more easily readable and easier to find.

2015-10-06  Arthur de Jong <arthur@arthurdejong.org>

	* [671b6e2] pskc/__init__.py, pskc/crypto/aeskw.py,
	  pskc/crypto/tripledeskw.py, pskc/encryption.py, pskc/key.py,
	  pskc/policy.py, pskc/xml.py, setup.py, tests/test_aeskw.doctest,
	  tests/test_draft_keyprov.doctest, tests/test_encryption.doctest,
	  tests/test_invalid.doctest, tests/test_misc.doctest,
	  tests/test_rfc6030.doctest, tests/test_tripledeskw.doctest,
	  tests/test_write.doctest: Support Python 3

	  This enables support for Python 3 together with Python 2 support
	  with a single codebase.

	  On Python 3 key data is passed around as bytestrings which makes
	  the doctests a little harder to maintain across Python versions.

2015-10-06  Arthur de Jong <arthur@arthurdejong.org>

	* [68b20e2] pskc/encryption.py, pskc/xml.py,
	  tests/SampleFullyQualifiedNS.xml, tests/test_misc.doctest:
	  Fix issue with namespaced PBKDF2 parameters

	  The find() utility functions now allow specifying multiple paths
	  to be searched where the first match is returned.

	  This allows handling PSKC files where the PBKDF2 salt, iteration
	  count, key length and PRF elements are prefixed with the xenc11
	  namespace.

	  A test including such a PSKC file has been included.

	  Thanks to Eric Plet for reporting this.

2014-10-12  Arthur de Jong <arthur@arthurdejong.org>

	* [ebe46f2] pskc2csv.py: Provide a sample pskc2csv script

	  This is a simple command-line utility that reads a PSKC file
	  and outputs information on keys as CSV.

2014-06-30  Arthur de Jong <arthur@arthurdejong.org>

	* [1363564] pskc/crypto/__init__.py, pskc/crypto/aeskw.py,
	  pskc/crypto/tripledeskw.py, pskc/encryption.py,
	  tests/test_aeskw.doctest, tests/test_tripledeskw.doctest: Move
	  encryption functions in pskc.crypto package

	  This moves the encryption functions under the pskc.crypto package
	  to more clearly separate it from the other code. Ideally this
	  should be replaced by third-party library code.

2014-06-30  Arthur de Jong <arthur@arthurdejong.org>

	* [e468ebe] pskc/__init__.py, pskc/encryption.py, pskc/key.py,
	  pskc/mac.py, pskc/policy.py, pskc/xml.py: Rename pskc.parse
	  to pskc.xml

	  This renames the parse module to xml to better reflect the
	  purpose of the module and it's functions.

	  This also introduces a parse() function that wraps etree.parse().

2014-06-28  Arthur de Jong <arthur@arthurdejong.org>

	* [480e2d0] : Support writing unencrypted PSKC files

2014-06-27  Arthur de Jong <arthur@arthurdejong.org>

	* [37dc64a] tests/test_write.doctest: Add test for writing PSKC files

	  This makes a simple doctest that checks the writing of the XML
	  representation of the PSKC data.

2014-06-27  Arthur de Jong <arthur@arthurdejong.org>

	* [865a755] pskc/__init__.py, pskc/parse.py: Add function for
	  writing XML

	  This provides a function for pretty-printing the generated
	  XML document.

2014-06-27  Arthur de Jong <arthur@arthurdejong.org>

	* [61a192f] pskc/__init__.py, pskc/key.py, pskc/policy.py: Construct
	  XML document with basic PKSC information

	  This introduces make_xml() functions to build an XML document
	  that contains the basic PSKC information and keys. This currently
	  only supports writing unencrypted PSKC files.

2014-06-27  Arthur de Jong <arthur@arthurdejong.org>

	* [69aec9f] pskc/parse.py: Introduce mk_elem() to create elements

	  This introduces the mk_elem() function that can be used to create
	  ElementTree elements for building XML documents. This function
	  transparetly handles namespaces, translation of values into
	  XML etc.

2014-06-27  Arthur de Jong <arthur@arthurdejong.org>

	* [7591271] pskc/key.py: Simplify DataType value handling

	  Only store the native value of the property, not the text
	  representation. This also results in the BinaryDataType and
	  IntegerDataType subclasses only needing from_text() and from_bin()
	  functions.

2014-06-19  Arthur de Jong <arthur@arthurdejong.org>

	* [09eb6b3] ChangeLog, NEWS, docs/changes.rst, docs/index.rst,
	  docs/usage.rst, pskc/__init__.py, setup.py: Get files ready for
	  0.2 release

2014-06-19  Arthur de Jong <arthur@arthurdejong.org>

	* [62c9af4] pskc/__init__.py: Only catch normal exceptions

2014-06-18  Arthur de Jong <arthur@arthurdejong.org>

	* [deb57d7] pskc/__init__.py: Remove unused import

2014-06-17  Arthur de Jong <arthur@arthurdejong.org>

	* [178ef1c] pskc/encryption.py: PEP8 fix

2014-06-17  Arthur de Jong <arthur@arthurdejong.org>

	* [7435552] pskc/exceptions.py: Remove __str__ from exception

	  The message property has been deprecated as of Python 2.6 and
	  printing the first argument is the default.

2014-06-16  Arthur de Jong <arthur@arthurdejong.org>

	* [f084735] README, docs/encryption.rst, docs/exceptions.rst,
	  docs/index.rst, docs/mac.rst, docs/policy.rst, docs/usage.rst:
	  Update documentation

	  This updates the documentation with the current API, adding
	  information on exceptions raised, HMAC algorithms supported and
	  changes to the MAC checking.

	  This also includes some editorial changes to some of the text and
	  making references shorter by not including the full package path.

2014-06-15  Arthur de Jong <arthur@arthurdejong.org>

	* [d84e761] pskc/parse.py: Simplify finding ElementTree
	  implementation

	  These are the only ElementTree implementations that have been
	  tested to provide the needed functionality (mostly namespaces).

2014-06-15  Arthur de Jong <arthur@arthurdejong.org>

	* [50b429d] pskc/key.py, pskc/parse.py, pskc/policy.py: Refactor
	  out some functions to parse

	  This introduces the getint() and getbool() functions in parse
	  to avoid some code duplication.

2014-06-15  Arthur de Jong <arthur@arthurdejong.org>

	* [9a16ce4] pskc/key.py, tests/test_misc.doctest: Add support for
	  setting secret

	  This supports setters for the secret, counter, time_offset,
	  time_interval and time_drift properties. Setting these values
	  stores the values unencrypted internally.

2014-06-14  Arthur de Jong <arthur@arthurdejong.org>

	* [1b9ee9f] pskc/encryption.py: Support PBKDF2 PRF argument

	  Support specifying a pseudorandom function for PBKDF2 key
	  derivation. It currently supports any HMAC that the MAC checking
	  also supports.

2014-06-14  Arthur de Jong <arthur@arthurdejong.org>

	* [79b9a7d] pskc/mac.py: Provide a get_hmac() function

	  Refactor the functionality to find an HMAC function into a
	  separate function.

2014-06-14  Arthur de Jong <arthur@arthurdejong.org>

	* [1417d4a] tests/invalid-mac-algorithm.pskcxml,
	  tests/invalid-mac-value.pskcxml,
	  tests/invalid-no-mac-method.pskcxml, tests/test_invalid.doctest:
	  Add tests for missing or invalid MAC

	  This tests for incomplete, unknown or invalid MACs in PSKC files.

2014-06-14  Arthur de Jong <arthur@arthurdejong.org>

	* [9d8aae0] pskc/key.py, pskc/mac.py: Raise exception when MAC
	  validation fails

	  This changes the way the check() function works to raise an
	  exception when the MAC is not correct. The MAC is also now always
	  checked before attempting decryption.

	  This also renames the internal DataType.value property to a
	  get_value() method for clarity.

2014-06-14  Arthur de Jong <arthur@arthurdejong.org>

	* [699ecf8] pskc/encryption.py: Handle missing MAC algorithm properly

2014-06-14  Arthur de Jong <arthur@arthurdejong.org>

	* [01e102b] tests/aes128-cbc.pskcxml, tests/aes192-cbc.pskcxml,
	  tests/aes256-cbc.pskcxml, tests/test_encryption.doctest,
	  tests/tripledes-cbc.pskcxml: Add MAC tests to all CBC encrypted
	  keys

	  This adds hmac-sha224, hmac-sha256, hmac-sha384 and hmac-sha512
	  tests for values that are encrypted using CBC block cypher modes.

2014-06-14  Arthur de Jong <arthur@arthurdejong.org>

	* [59e790e] pskc/mac.py: Automatically support all MACs in hashlib

	  This uses the name of the hash to automatically get the correct
	  hash object from Python's hashlib.

2014-06-14  Arthur de Jong <arthur@arthurdejong.org>

	* [566e447] pskc/__init__.py, pskc/parse.py, setup.py: Support
	  various ElementTree implementations

	  When using a recent enough lxml, even Python 2.6 should work
	  now. The most important requirement is that the findall()
	  function supports the namespaces argument.

	  This also now catches all exceptions when parsing the PSKC file
	  fails and wraps it in ParseError because various implementations
	  raise different exceptions, even between versions (Python 2.6's
	  ElementTree raises ExpatError, lxml raises XMLSyntaxError).

2014-06-13  Arthur de Jong <arthur@arthurdejong.org>

	* [5d60ee2] pskc/__init__.py, pskc/encryption.py, pskc/key.py,
	  pskc/mac.py, pskc/parse.py, pskc/policy.py: Have parse module
	  provide find() functions

	  This changes the parse module functions to better match the
	  ElementTree API and extends it with findint(), findtime()
	  and findbin().

	  It also passes the namespaces to all calls that require it
	  without duplicating this throughout the normal code.

2014-06-11  Arthur de Jong <arthur@west.nl>

	* [6a34c01] pskc/__init__.py, pskc/encryption.py, pskc/key.py,
	  pskc/mac.py, pskc/policy.py: Use get() instead of attrib.get()
	  (shorter)

2014-05-31  Arthur de Jong <arthur@arthurdejong.org>

	* [4d92b93] pskc/encryption.py, tests/kw-tripledes.pskcxml,
	  tests/test_encryption.doctest: Support kw-tripledes decryption

	  This adds support for key unwrapping using the RFC 3217 Triple
	  DES key wrap algorithm if the PSKC file uses this.

2014-05-31  Arthur de Jong <arthur@arthurdejong.org>

	* [fd71f01] pskc/tripledeskw.py, tests/test_tripledeskw.doctest:
	  Implement RFC 3217 Triple DES key wrapping

2014-05-31  Arthur de Jong <arthur@arthurdejong.org>

	* [f639318] tests/test_minimal.doctest, tests/test_misc.doctest:
	  Merge test_minimal into test_misc

2014-05-31  Arthur de Jong <arthur@arthurdejong.org>

	* [1e7f861] tests/draft-keyprov-actividentity-3des.pskcxml,
	  tests/test_draft_keyprov.doctest: Add an ActivIdentity-3DES test

	  The test is taken from
	  draft-hoyer-keyprov-pskc-algorithm-profiles-01 modified to fit
	  the schema as described in RFC 6030.

2014-05-31  Arthur de Jong <arthur@arthurdejong.org>

	* [b7cb928] tests/draft-keyprov-securid-aes-counter.pskcxml,
	  tests/test_draft_keyprov.doctest: Add an SecurID-AES-Counter test

	  The test is taken from
	  draft-hoyer-keyprov-pskc-algorithm-profiles-01 modified to be
	  valid XML and to fit the schema as described in RFC 6030.

2014-05-31  Arthur de Jong <arthur@arthurdejong.org>

	* [427319f] tests/draft-keyprov-totp.pskcxml,
	  tests/test_draft_keyprov.doctest: Add an TOTP test

	  The test is taken from
	  draft-hoyer-keyprov-pskc-algorithm-profiles-01 modified to fit
	  the schema as described in RFC 6030.

2014-05-31  Arthur de Jong <arthur@arthurdejong.org>

	* [ba49d09] tests/draft-keyprov-ocra.pskcxml,
	  tests/test_draft_keyprov.doctest: Add an OCRA test

	  The test is taken from
	  draft-hoyer-keyprov-pskc-algorithm-profiles-01 modified to fit
	  the schema as described in RFC 6030.

2014-05-31  Arthur de Jong <arthur@arthurdejong.org>

	* [0a66ede] tests/odd-namespace.pskcxml, tests/test_misc.doctest:
	  Add a test for an odd namespace

2014-05-30  Arthur de Jong <arthur@arthurdejong.org>

	* [287afa7] pskc/encryption.py, tests/kw-aes128.pskcxml,
	  tests/kw-aes192.pskcxml, tests/kw-aes256.pskcxml,
	  tests/test_encryption.doctest: Support kw-aes128, kw-aes192
	  and kw-aes256

	  This adds support for key unwrapping using the RFC 3394 or RFC
	  5649 algorithm if the PSKC file uses this.

2014-05-30  Arthur de Jong <arthur@arthurdejong.org>

	* [99ba287] pskc/aeskw.py, tests/test_aeskw.doctest: Implement
	  padding as specified in RFC 5649

	  This adds a pad argument with which padding can be forced or
	  disabled.

2014-05-29  Arthur de Jong <arthur@arthurdejong.org>

	* [ebf8945] pskc/aeskw.py, tests/test_aeskw.doctest: Allow speciying
	  an initial value for key wrapping

2014-05-29  Arthur de Jong <arthur@arthurdejong.org>

	* [5720fe5] pskc/aeskw.py, pskc/exceptions.py,
	  tests/test_aeskw.doctest: Provide an RFC 3394 AES key wrapping
	  algorithm

	  This also introduces an EncryptionError exception.

2014-05-29  Arthur de Jong <arthur@arthurdejong.org>

	* [7164d89] README, docs/usage.rst, pskc/__init__.py,
	  tests/rfc6030-figure10.pskcxml, tests/rfc6030-figure2.pskcxml,
	  tests/rfc6030-figure3.pskcxml, tests/rfc6030-figure4.pskcxml,
	  tests/rfc6030-figure5.pskcxml, tests/rfc6030-figure6.pskcxml,
	  tests/rfc6030-figure7.pskcxml, tests/test_rfc6030.doctest:
	  Always put a space between RFC and number

2014-05-29  Arthur de Jong <arthur@arthurdejong.org>

	* [ccebb69] pskc/encryption.py, tests/test_encryption.doctest,
	  tests/tripledes-cbc.pskcxml: Support Tripple DES decryption

2014-05-29  Arthur de Jong <arthur@arthurdejong.org>

	* [a11f31f] tests/test_invalid.doctest: Add tests for key derivation
	  problems

	  This tests for unknown or missing algorithms and unknown
	  derivation parameters.

2014-05-29  Arthur de Jong <arthur@arthurdejong.org>

	* [0738c94] pskc/encryption.py, pskc/exceptions.py: Raise exception
	  when key derivation fails

	  This also renames the internal function that implements the
	  derivation.

2014-05-29  Arthur de Jong <arthur@arthurdejong.org>

	* [76ef42b] pskc/encryption.py, pskc/exceptions.py,
	  tests/invalid-encryption.pskcxml, tests/test_invalid.doctest:
	  Add test for missing key encryption algorithm

	  This also introduces a toplevel PSKCError exception that all
	  exceptions have as parent.

2014-05-29  Arthur de Jong <arthur@arthurdejong.org>

	* [7f26dc6] tests/aes128-cbc.pskcxml, tests/aes192-cbc.pskcxml,
	  tests/aes256-cbc.pskcxml, tests/test_encryption.doctest: Add
	  test for all AES-CBC encryption schemes

2014-05-29  Arthur de Jong <arthur@arthurdejong.org>

	* [28f2c1c] pskc/encryption.py: Support more AES-CBC encryption
	  schemes

	  This also moves the crypto imports to the places where they are
	  used to avoid a depenency on pycrypto if no encryption is used.

2014-05-29  Arthur de Jong <arthur@arthurdejong.org>

	* [678b127] tests/test_minimal.doctest: Add test for missing
	  secret value

2014-05-25  Arthur de Jong <arthur@arthurdejong.org>

	* [bef2f7d] pskc/__init__.py, pskc/key.py,
	  tests/test_minimal.doctest: Add a function for adding a new key

2014-05-25  Arthur de Jong <arthur@arthurdejong.org>

	* [46f5749] pskc/__init__.py: Consistency improvement

2014-05-25  Arthur de Jong <arthur@arthurdejong.org>

	* [83f5a4b] pskc/__init__.py, tests/test_minimal.doctest: Support
	  creating an empty PSKC instance

2014-05-25  Arthur de Jong <arthur@arthurdejong.org>

	* [820c83c] pskc/encryption.py, pskc/mac.py: Be more lenient in
	  accepting algorithms

2014-05-25  Arthur de Jong <arthur@arthurdejong.org>

	* [02bde47] pskc/key.py: Code simplification

2014-05-25  Arthur de Jong <arthur@arthurdejong.org>

	* [b62fec8] pskc/encryption.py, pskc/exceptions.py,
	  tests/invalid-encryption.pskcxml, tests/test_invalid.doctest,
	  tests/test_rfc6030.doctest: Raise an exception if decryption fails

2014-05-25  Arthur de Jong <arthur@arthurdejong.org>

	* [7bc2e6b] pskc/encryption.py: Make decryption code better readable

2014-05-23  Arthur de Jong <arthur@arthurdejong.org>

	* [714f387] setup.cfg, tests/invalid-notxml.pskcxml,
	  tests/invalid-wrongelement.pskcxml,
	  tests/invalid-wrongversion.pskcxml, tests/test_invalid.doctest:
	  Add tests for invalid PSKC files

2014-05-23  Arthur de Jong <arthur@arthurdejong.org>

	* [803d24c] pskc/__init__.py, pskc/exceptions.py: Raise exceptions
	  on some parsing problems

2014-05-23  Arthur de Jong <arthur@arthurdejong.org>

	* [8c37e26] setup.py: Fix install_requires

2014-05-23  Arthur de Jong <arthur@arthurdejong.org>

	* [8e1729e] ChangeLog, MANIFEST.in, NEWS: Get files ready for
	  0.1 release

2014-05-23  Arthur de Jong <arthur@arthurdejong.org>

	* [15ca643] README, pskc/__init__.py, tests/rfc6030-figure10.pskcxml,
	  tests/rfc6030-figure2.pskcxml, tests/rfc6030-figure3.pskcxml,
	  tests/rfc6030-figure4.pskcxml, tests/rfc6030-figure5.pskcxml,
	  tests/rfc6030-figure6.pskcxml, tests/rfc6030-figure7.pskcxml,
	  tests/test_rfc6030.doctest: Use pskcxml as file name extension

	  This is the extension that is suggested in RFC6030.

2014-05-23  Arthur de Jong <arthur@arthurdejong.org>

	* [44c7d2e] docs/policy.rst, docs/usage.rst: Improve IANA links

2014-05-20  Arthur de Jong <arthur@arthurdejong.org>

	* [cda1c5f] tests/test_rfc6030.doctest: Improve test

	  This tests that, before the PSKC ecnryption is key available,
	  the secret from the key cannot be extracted.

2014-05-19  Arthur de Jong <arthur@arthurdejong.org>

	* [e96c746] docs/_templates/autosummary/module.rst, docs/conf.py,
	  docs/encryption.rst, docs/index.rst, docs/mac.rst, docs/policy.rst,
	  docs/usage.rst: Provide Sphinx documentation

2014-05-18  Arthur de Jong <arthur@arthurdejong.org>

	* [edf4d24] pskc/policy.py: Add missing policy constant

2014-05-18  Arthur de Jong <arthur@arthurdejong.org>

	* [92a994d] pskc/key.py: Fix attribute name in docstring

2014-04-20  Arthur de Jong <arthur@arthurdejong.org>

	* [cc9bbb5] README: Update README

2014-05-17  Arthur de Jong <arthur@arthurdejong.org>

	* [d0a7814] .gitignore, setup.py: Fix dateutil dependency

	  This also ignores downloaded .egg files.

2014-04-19  Arthur de Jong <arthur@arthurdejong.org>

	* [e0159ba] pskc/parse.py: Fix module description

2014-04-19  Arthur de Jong <arthur@arthurdejong.org>

	* [ba17976] pskc/__init__.py, pskc/parse.py: Move PSKC class to
	  toplevel module

	  This also splits the parsing to a parse() function for consistency.

2014-04-19  Arthur de Jong <arthur@arthurdejong.org>

	* [64e207d] pskc/key.py, tests/test_rfc6030.doctest: Provide
	  pskc.key docstrings

	  This documents most of the information that is available per
	  key and adds a few other minor cosmetic changes.

	  This also re-organises the key properties to be in a slightly more
	  logical order and renames the userid key property to key_userid
	  to more clearly distinguish it from device_userid.

2014-04-19  Arthur de Jong <arthur@arthurdejong.org>

	* [6becc61] pskc/parse.py: Provide pskc.parse docstrings

	  This documents most of the API of the parsing functions and the
	  PSKC class.

2014-04-19  Arthur de Jong <arthur@arthurdejong.org>

	* [1d42fbc] pskc/policy.py: Complete pskc.policy docstrings

	  Also contains small consistency improvement.

2014-04-19  Arthur de Jong <arthur@arthurdejong.org>

	* [b07d709] pskc/mac.py: Provide pskc.mac docstrings

	  This also hides two properties that are not part of the public API.

2014-04-19  Arthur de Jong <arthur@arthurdejong.org>

	* [285860e] pskc/encryption.py: Provide pskc.encryption docstrings

	  This documents classes in the pskc.encryption module.

2014-04-19  Arthur de Jong <arthur@arthurdejong.org>

	* [8c9e03d] pskc/key.py, pskc/mac.py, pskc/parse.py, pskc/policy.py:
	  Move Key class to separate module

	  This also allows re-organising the imports a bit.

2014-04-16  Arthur de Jong <arthur@arthurdejong.org>

	* [c883d48] MANIFEST.in, pskc/__init__.py, setup.cfg, setup.py:
	  Add initial setup script

2014-04-14  Arthur de Jong <arthur@arthurdejong.org>

	* [3df6849] COPYING: Include a license file (LGPL)

2014-04-13  Arthur de Jong <arthur@arthurdejong.org>

	* [f08cdb5] tests/rfc6030-figure10.pskc, tests/test_rfc6030.doctest:
	  Add bulk provisioning test from Figure 10

2014-04-13  Arthur de Jong <arthur@arthurdejong.org>

	* [41828cd] pskc/parse.py: Use slightly clearer names

2014-04-12  Arthur de Jong <arthur@arthurdejong.org>

	* [5ab731c] tests/rfc6030-figure7.pskc, tests/test_rfc6030.doctest:
	  Add test for Figure 7 from RFC6030

	  This tests encrypted key derivation using PBKDF2 and a pre-shared
	  passphrase.

2014-04-12  Arthur de Jong <arthur@arthurdejong.org>

	* [a3fd598] pskc/encryption.py: Implement PBKDF2 key derivation

	  This supports deriving the key from a passphrase and information
	  present in the DerivedKey and PBKDF2-params XML elements.

2014-04-12  Arthur de Jong <arthur@arthurdejong.org>

	* [2ff470f] pskc/encryption.py: Add id attribute from EncryptionKey

2014-04-12  Arthur de Jong <arthur@arthurdejong.org>

	* [460f335] tests/rfc6030-figure6.pskc, tests/test_rfc6030.doctest:
	  Add test for Figure 6 from RFC6030

	  This test key encryption with a pre-shared key and MAC checks.

2014-04-12  Arthur de Jong <arthur@arthurdejong.org>

	* [a926ddb] pskc/mac.py, pskc/parse.py: Implement MAC checking

	  This implements message message authentication code checking
	  for the encrypted values if MACMethod and ValueMAC are present.

2014-04-12  Arthur de Jong <arthur@arthurdejong.org>

	* [e53e865] pskc/encryption.py, pskc/parse.py: Support decrypting
	  with a pre-shared key

	  This adds an encryption module that provides wrappers for
	  handling decryption.

2014-04-11  Arthur de Jong <arthur@arthurdejong.org>

	* [3fe0919] pskc/parse.py: Refactor DataType value handling

	  This ensures that DataType values are retrieved dynamically
	  instead of at the time the PSKC file was parsed in order to make
	  decryption work.

2014-04-11  Arthur de Jong <arthur@arthurdejong.org>

	* [591bb5d] pskc/policy.py: Document key and pin usage values

2014-04-11  Arthur de Jong <arthur@arthurdejong.org>

	* [b952b93] tests/rfc6030-figure5.pskc, tests/test_rfc6030.doctest:
	  Add test for Figure 5 from RFC6030

	  This test extraction of key policy information and cross-key
	  references.

2014-04-11  Arthur de Jong <arthur@arthurdejong.org>

	* [e939a96] pskc/parse.py, pskc/policy.py: Implement key policy
	  parsing

	  This parses key policy from PSKC files and provides a few utility
	  methods to help with policy validation.

2014-04-11  Arthur de Jong <arthur@arthurdejong.org>

	* [8c9ac8c] pskc/parse.py: Support parsing date and integer values

2014-04-11  Arthur de Jong <arthur@arthurdejong.org>

	* [6446f7d] tests/rfc6030-figure4.pskc, tests/test_rfc6030.doctest:
	  Add test for Figure 4 from RFC6030

	  This tests for key profile and key reference properties that
	  can be used to reference external keys.

2014-04-07  Arthur de Jong <arthur@arthurdejong.org>

	* [e72369f] tests/rfc6030-figure3.pskc, tests/test_rfc6030.doctest:
	  Add test for Figure 3 from RFC6030

	  This tests Figure 3 from RFC6030 with a very basic plain text
	  secret key and some supplementary data.

2014-04-07  Arthur de Jong <arthur@arthurdejong.org>

	* [2c111a8] pskc/parse.py: Get more data from KeyPackage

	  This gets most simple string values from the KeyPackage as well
	  as some integer and boolean values.

2014-04-07  Arthur de Jong <arthur@arthurdejong.org>

	* [96b4b54] tests/rfc6030-figure2.pskc, tests/test-rfc6030.doctest:
	  Add test for example from RFC6030

	  This tests Figure 2 from RFC6030 with a very basic plain text
	  secret key.

2014-04-07  Arthur de Jong <arthur@arthurdejong.org>

	* [d662cf2] pskc/parse.py: Support getting plaintext key

2014-04-07  Arthur de Jong <arthur@arthurdejong.org>

	* [550630d] tests/test_minimal.doctest: Minimal test

	  This adds a doctest for the absolute minimum PSKC file that does
	  not contain any useful information.

2014-04-07  Arthur de Jong <arthur@arthurdejong.org>

	* [bf8e7f6] pskc/__init__.py, pskc/parse.py: Basic implementation
	  of PSKC class

	  This class is used for handling PSKC files. It will parse the
	  file and store relevant properties for easy access. The Key
	  class corresponds to a single key defined in the PSKC file.

	  This is a very minimal implementation that only provides some
	  meta-data from the file and keys (work in progress).

2014-04-04  Arthur de Jong <arthur@arthurdejong.org>

	* [9803dfc] README: Provide an initial README

2014-04-02  Arthur de Jong <arthur@arthurdejong.org>

	* [c912bb4] .gitignore, pskc/__init__.py: Initial project layout